#2726 Long living applicantion can use removed memory cache.
Closed: Fixed None Opened 3 years ago by lslebodn.

File descriptor to memory cache is opened just once and used for all getpw/getgr calls. The cached file descriptor can be used even after removing fast memory cache. Moreover, we do not have a way how to invalidate memory cache after removing files.

Workaround is to invalidate fast memory cache before removing files.
The all fast memory caches are invalidated after calling (sss_cache -U or sss_cache -G).

Fortunately, problem is not visible with calling "service sssd restart" instead of "service sssd stop; rm $mem_cache; service sssd start"

Reproducer:

Python 2.7.10 (default, Jul  5 2015, 14:15:43) 
[GCC 5.1.1 20150618 (Red Hat 5.1.1-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.getpid()
8121
>>> 
>>> import pwd
>>> from subprocess import call
>>> pwd.getpwnam('jhrozek')
pwd.struct_passwd(pw_name='jhrozek', pw_passwd='x', pw_uid=10327, pw_gid=10327, pw_gecos='Jakub Hrozek', pw_dir='/home/remote/jhrozek', pw_shell='/bin/bash')
>>> call(["service", "sssd", "stop"])
Redirecting to /bin/systemctl stop  sssd.service
0
>>> call(["rm", "-f", "/var/lib/sss/mc/passwd"])
0
>>> pwd.getpwnam('jhrozek')
pwd.struct_passwd(pw_name='jhrozek', pw_passwd='x', pw_uid=10327, pw_gid=10327, pw_gecos='Jakub Hrozek', pw_dir='/home/remote/jhrozek', pw_shell='/bin/bash')
>>> call(["sss_cache", "-E"])
0
>>> pwd.getpwnam('jhrozek')
pwd.struct_passwd(pw_name='jhrozek', pw_passwd='x', pw_uid=10327, pw_gid=10327, pw_gecos='Jakub Hrozek', pw_dir='/home/remote/jhrozek', pw_shell='/bin/bash')
>>> 
>>> #reason
... 
>>> call(["ls", "-l", "/proc/" + str(os.getpid()) + "/fd/"])
total 0
lrwx------. 1 root root 64 Jul 22 09:17 0 -> /dev/pts/9
lrwx------. 1 root root 64 Jul 22 09:17 1 -> /dev/pts/9
lr-x------. 1 root root 64 Jul 22 09:17 10 -> /dev/urandom
lrwx------. 1 root root 64 Jul 22 09:17 2 -> /dev/pts/9
lr-x------. 1 root root 64 Jul 22 09:17 3 -> /var/lib/sss/mc/passwd (deleted)
lrwx------. 1 root root 64 Jul 22 09:17 4 -> socket:[3301198]
lrwx------. 1 root root 64 Jul 22 09:17 5 -> socket:[3304690]
0

Fields changed

owner: somebody => lslebodn
status: new => assigned

Fields changed

rhbz: => todo

Lower priority than downstream bugzillas, though.

milestone: NEEDS_TRIAGE => SSSD 1.13.2

TODO:

Remove workaround in the commit 586f512

Fields changed

patch: 0 => 1

Even though the patches are under review, we would like to release 1.13.2 tarball soon, therefore I'm moving the ticket out of 1.13.2 for now.

We can move the ticket back if the patches are acked before the 1.13.2 release.

milestone: SSSD 1.13.2 => SSSD 1.13.3

We also need a sssd-1-13 backport.

sssd-1-13:

milestone: SSSD 1.13.3 => SSSD 1.13.2
resolution: => fixed
status: assigned => closed

Fields changed

rhbz: todo => 0

Metadata Update from @lslebodn:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.13.2

2 years ago

Login to comment on this ticket.

Metadata